Hello-
I'm testing out some local mods I've made to the ldapsearch command and I have the -d 2 flag to enable debugging set.
/usr/local/src/openldap/openldap-2.4.46/clients/tools/ldapsearch -h ldap-test1.test.org -p 11389 -ZZ -D cn=somecn -w somepw -b 'dc=test,dc=org' '(uid=husk)' -d 2
When I run this, I get a lot of what I need, but I noticed the following is emitted at the top.
*Using CA cert /etc/openldap/cacerts/ca-bundle.crt as stipulated by environment variable $LDAPTLS_CACERT.*
I was looking to see where in the openldap code this string comes from, but I can't seem to find it. (I thought a thorough 'grepping' would locate it, but it did not, nor does
strings /usr/local/src/openldap/openldap-2.4.46/clients/tools/ldapsearch |grep "stipulated"
). So it's from the ssl library I assumed. Nope, didn't find it there either.
Can someone point me to where it comes from please? Sorry if this is a dumb question that I should already know.
--On Thursday, July 12, 2018 5:56 PM -0400 Ray Lauff crazed.husk@gmail.com wrote:
Using CA cert /etc/openldap/cacerts/ca-bundle.crt as stipulated by environment variable $LDAPTLS_CACERT.
Can someone point me to where it comes from please? Sorry if this is a dumb question that I should already know.
It definitely doesn't come from the OpenLDAP project. Beyond that, no idea. I don't know where your binaries come from but it could be a custom patch by a downstream vendor (RedHat, Debian, etc).
--Quanah
--
Quanah Gibson-Mount Product Architect Symas Corporation Packaged, certified, and supported LDAP solutions powered by OpenLDAP: http://www.symas.com
openldap-technical@openldap.org
-
Quanah Gibson-Mount -
Ray Lauff